1. Types of information stored and transmitted
The Service is owned by Black Pearl Mail Limited (“BPM”). BPM operate an outbound email management and branding service (“The Service”). Types of information stored and/or transmitted include:
1.1. Company and User Details. Information about Customers (including but not limited to address, phone number, contact persons), End-Users (including but not limited to contact information, job title), Branding Features, email recipient delivery details and delivery information are stored in Service databases so that the Service can apply html formatting to outbound emails that are sent and management information to Customer.
1.2. Financial Information. Financial information that is collected is used to verify, identity and to bill Customer for the Service as applicable.
1.3. Email content. CONTENT OF DELIVERED EMAIL IS NOT STORED OR RETAINED BY BPM. Undeliverable email is stored by BPM for a maximum of 6 hours while in a re-sending cycle before it is deleted.
1.4. Demographic and profile data. Demographic and profile data may be collected by BPM to tailor BPM web site, Admin Console, Help Centre or any requested email communications, and to display information that is more relevant to Customer.
1.5. Google Analytics Advertiser Features. BPM uses Google Analytics in conjunction with their Re-targeting function. First party cookies are only used for this function outside of the BPM application.
2. Ownership of Data
As per Section 7.3 of terms and Conditions Agreement BPM acknowledges that the Customer owns Customer Data.
3. Retrieval of Data
Customer can access, modify and delete Customer Data via Admin Console. If the service is Terminated BPM will provide Customer access to, and the ability to export, the Customer Data for a commercially reasonable period of time at BPM’s then-current rates for the applicable Services. After a commercially reasonable period of time, BPM will delete Customer Data by removing pointers to it on BPM’s active servers and overwriting it over time; and upon request each party will promptly use commercially reasonable efforts to return or destroy all other Confidential Information, if any.
4. Confidential nature of Customer Data
4.1. Protection. BPM will protect Customer Data with the same standard of care it uses to protect its own. BPM will not disclose the Customer Data, except to Affiliates, employees and agents who need to know it and who have agreed in writing to keep it confidential.
4.2. View-ship. BPM will NOT examine the content of Customer email messages without Customer consent except if:
4.2.1.The New Zealand Department of Internal Affairs deems the Customer and/or End-User to be in possible violation of New Zealand law.
4.2.2. BPM management deem it necessary to stop or resolve an Emergency Security Issue.
5. Customer Administration of the Services
Customer may specify one or more Administrators through the Admin Console who will have the rights to access Admin Account(s) and to administer the End User Accounts. Customer is responsible for: (a) maintaining the confidentiality of the password and Admin Account(s); (b) designating those individuals who are authorized to access the Admin Account(s); (c) ensuring that contact information for Customer’s designated Administrators is accurate and kept up- to-date in the Admin Console and (d) ensuring that all activities that occur in connection with the Admin Account(s) comply with the Terms and Conditions Agreement.
6. General Security
All facilities used to store and process Customer Data will adhere to reasonable security standards. BPM has implemented at least industry standard systems and procedures to ensure the security and confidentiality of Customer Data, protect against anticipated threats or hazards to the security or integrity of Customer Data and protect against unauthorized access to or use of Customer Data.
7. Email Communications
Customer email address is used to only send information that the Customer has requested. BPM allows you to elect to receive, or not receive, certain information from BPM. BPM adheres strictly to permission-based email policy.
Payments are made securely online via Credit Card or Direct Credit. BPM keep records of Customer billing information in a secure database to facilitate future payments. All Customer credit card details are stored securely to meet PCI DSS compliance.